• Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint
Share this Page URL
Help

Chapter 1. Stealing Candy from a Baby Ho... > Email Addresses: Not Just for Email ...

Email Addresses: Not Just for Email Anymore

Over the past few years, email addresses have moved beyond being used simply to send email. Many Web sites now regularly use your email address as your user ID for authentication purposes. This identification method makes sense and solves some of the problems with remembering a multitude of user IDs, but it can cause some privacy issues when your email address is inadvertently exposed.

Case Study 1-7

John frequented several sites where his email address was his login ID. One day he received an email from one of these sites indicating that there had been a security compromise and recommending that all users reset their passwords. The site didn't have any particularly sensitive information of John's, such as his personal address, phone number, or credit card number, so after he reset his password, he didn't give the attack another thought.

Weeks later, the real motivation behind the attack became evident. All the site users had been targeted for a series of email attacks. However, none of the targeted users correlated the email attacks with the Web site security compromise, so the site was unable to warn its users of the attack. John was hit hard by the email attacks, but never realized that his email address was stolen in the Web site attack, and that was the reason he was targeted.



PREVIEW

                                                                          

Not a subscriber?

Start A Free Trial


  
  • Creative Edge
  • Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint